Not just a card…

Not just a card. The card is the least of it…

The proposed identity managementsystem has multiple layers:

The NIR (National Identification Register) – individual checking and numbering of the population – marking many personal details as “registrable facts” to be disclosed and constantly updated – collection and checking of biometrics (e.g. fingerprints) – the card itself – a widespread scanner network and secure (one hopes) infrastructure connecting it to the central database – provision for use across the private and public sectors – data-sharing between organisations on an unprecedented scale.

Massive accumulation of personal data:

51 categories of “registrable fact” were set out in the last Bill, though they could be added to. Effectively an index to all other official and quasi-official records, through cross-references and an audit trail of all checks on the Register, the NIR would be the key to a total life history of every individual, to be retained even after death.

Overseas ID cards are not comparable:

Many western countries that have ID cards do not have a shared register. Mostly ID cards have been limited in use, with strong legal privacy protections. In Germany centralisation is forbidden for historical reasons, and when cards are replaced, the records are not linked. Belgium has made use of modern encryption methods and local storage to protect privacy and prevent data-sharing, an approach opposite to the Home Office’s. The UK scheme is closest to those of some Middle Eastern countries and of the People’s Republic of China – though the latter has largely given up on biometrics.

The Government has not made a case. There is no evidence the system will produce the stated benefits. Less liberty does not imply greater security.

Terrorism:

ID does not establish intention. Competent criminals and terrorists will be able to subvert the identity system. Random outrages by individuals can’t be stopped. Ministers agree that ID cards will not prevent atrocities. A blank assertion that the department would find it helpful is not an argument that would be entertained for fundamental change in any other sphere of government but national security. Where is the evidence? Research suggests there is no link between the use of identity cards and the prevalence of terrorism, and in no instance has the presence of an identity card system been shown a significant deterrent to terrorist activity. Experts attest that ID, unjustifiably presumed secure, actually diminishes security.

Illegal immigration and working:

People will still enter Britain using foreign documents – genuine or forged – and ID cards offer no more deterrent to people smugglers than passports and visas. Employers already face substantial penalties for failing to obtain proof of entitlement to work, yet there are only a handful of prosecutions a year.

Benefit fraud and abuse of public services:

Identity is “only a tiny part of the problem in the benefit system.” Figures for claims under false identity are estimated at £50 million (0.5%) of an (estimated) £2 billion per year in fraudulent claims.

Identity fraud:

Both Australia and the USA have far worse problems of identity theft than Britain, precisely because of general reliance on a single reference source. Costs usually cited for of identity-related crime here include much fraud not susceptible to an ID system. Nominally ‘secure’, trusted, ID is more useful to the fraudster. The Home Office has not explained how it will stop registration by identity thieves in the personae of innocent others.

Overcomplicated, unproven technology

Computer system:

IT providers find that identity systems work best when limited in design. The Home Office scheme combines untested technologies on an unparalleled scale. Its many inchoate purposes create innumerable points for failure. The government record with computer projects is poor, and the ID system is likely to end up a broken mess.

Biometrics:

Not all biometrics will work for all people. Plenty are missing digits, or eyes, or have physical conditions that render one or more biometrics unstable or hard to read. All systems have error. Deployment on a vast scale, with variably trained operators and variably maintained and calibrated equipment, will produce vast numbers of mismatches, leading to potentially gross inconvenience to millions.

Identity Cards will cost money that could be better spent

No ceiling:

The Government has not ventured figures for the cost to the country as whole of the identity management scheme. That makes evaluation difficult. Civil Service IT experience suggests current projections are likely to be seriously underestimated. Home Office figures are for internal costs only, and have risen sharply – where they are not utterly obscure. Industry estimates suggest that public and private sector compliance costs could easily be double whatever is spent centrally.

Opportunity costs:

The Government has not even tried to show that national ID management will be more cost-effective than less spectacular alternative, targeted, solutions to the same problems (whether tried and tested or novel). We are to trust to luck that it is.

Taxpayer pain:

Even at current estimates, the additional tax burden of setting up the scheme will be of the order of £200 per person. The direct cost to individuals (of a combined passport and ID card package) is quoted as £85. The impact on other departmental and local authority budgets is unknown. The scope and impact of arbitrary penalties would make speed cameras trivial by comparison.

Unchecked executive powers

Broad delegated power:

The Home Office seeks wide discretion over the future shape of the scheme. There are more than 30 types of regulatory power for future Secretaries of State. These could be used to change the functions and content of the system ad lib. The scope, application and possible extension are extra-parliamentary decisions, even if nominally subject to approval.

Presumption of accuracy:

Data entered onto the National Identity Register (NIR) is arbitrarily presumed to be accurate. Meanwhile, the Home Office gets the power to alter information – without informing the individual – if it is deemed ‘inaccurate’ or ‘incomplete’. But there’s no duty to ensure that such data is accurate or criterion of accuracy. Personal identity is implicitly made wholly subject to state control.

Compulsion by stealth:

Even during the so-called ‘voluntary’ phase, the Home Secretary can order any category of people to register, and can add any person to the Register without their consent. Anyone newly applying for a passport or other “designated document”, or renewing an existing one, will automatically be entered. This is less a “phased” introduction than a clandestine one. There is to be no choice. And the minimum of notice to the public about the change in the handling of their registrable information.

Limited oversight:

As proposed, the National Identity Scheme Commissioner would have very limited powers and is excluded from considering a number of key issues. He does not even report directly to Parliament. The reliance on administrative penalties means severe punishments may be inflicted without judicial process. The onus is on the individual to seek relief from the courts, at a civil standard of proof. Those who most require the protection of a fair trial are the least likely to be able to resort to legal action.

Individuals managed by executive order:

Without reference to the courts or any appeals process, the Home Secretary may cancel or require surrender of an identity card, without a right of appeal, at any time. Given that the object of the scheme is that an ID card will be eventually required to exercise any ordinary civil function, this amounts to granting the Home Secretary the power of civic life and death.

The National Identity Register creates specific new threats to individuals

Discrimination – no guarantees:

There have been vapid “assurances” made to some minority groups. That underlines the potential for threat. The system offers a ready-made police-state tool for a future government less trustworthy than the current one. A Home Secretary could create classifications of individuals to be registered as he sees fit, introducing onerous duties backed by severe penalties for fractions of the population. Religious or ethnic affiliation, for example, could be added to the Register by regulation – or be inferred by cross-referencing other information using a National Identity Register Number or associated data.

‘Papers, please’:

ID cards in practice would provide a pretext for those in authority – public or private – to question individuals who stand out for reasons of personal appearance or demeanour. This is likely to exacerbate divisions in society. The Chairman of the Bar Council has asked: “is there not a great risk that those who feel at the margins of society – the somewhat disaffected – will be driven into the arms of extremists?”

Third party abuse:

The requirement that all those registered notify all changes in details risks creating the means of tracking and persecution through improper use of the database. A variety of persons have good reason to conceal their identity and whereabouts, for example: those fleeing domestic abuse; victims of “honour” crimes; witnesses in criminal cases; those at risk of kidnapping; undercover investigators; refugees from oppressive regimes overseas; those pursued by the press; those who may be terrorist targets. The seizure of ID cards (like benefit-books and passports now) will become a means for extortion by gangsters.

Lost identity, becoming an un-person:

By making ordinary life dependent on the reliability of a complex administrative system, the scheme makes myriad small errors potentially catastrophic. There’s no hint from the government how it will deal with inevitably large numbers of mis-identifications and errors, or deliberate attacks on or corruption of what would become a critical piece of national infrastructure. A failure in any part of the system at a check might deny a person access to his or her rights or property or to public services, with no immediate solution or redress – “license to live” withdrawn.

Newsblog

Recently China implemented new restrictions on the use of Virtual Private Networks (VPNs), by introducing the requirement for VPN providers to be registered with the Chinese Government. VPNs are very popular in China as a means of getting around the Chinese Government’s internet monitoring and...

One of the most interesting phenomena to come out of the leaks of Hilary Clinton’s campaign chairman John Podesta’s e-mails last year was the Pizzagate affair, which has also morphed into “Paedogate” (For those of you interested in getting a flavour of Pizzagate the #Pizzagate...

Two recent news articles highlight issues with the database state and the fallacy of the “nothing to hide, nothing to fear” argument so often used to claim surveillance is not something the law abiding should be worried about. The first was a report in the...

NO2ID have recently picked up on a worrying new strategic data sharing initiative in Greater Manchester. It is called GM-Connect and it was initiated in January 2016, but we have only become aware of it recently because there hasn’t been much publicity about it. Official...

Campaign group NO2ID [1] says a provision tacked on to the Digital Economy Bill announced in the Queen’s Speech hides “a revolution in government”, “a Whitehall coup”. Little notice has so far been taken of the bland-sounding “use of data to deliver government services” [2],...